7/23/2017

Automatically we can redirect non secure HTTP URL to secure HTTPS URL in tomcat. Any web application to secure the data transfer we use to configure https access. Some times even after setting up the https default http still accessible . This could a security thread for the application.

Assuming your already configured HTTPS access for the application , Now we need do the change web.xml in tomcat under apache-tomcat-8.0.36/conf/web.xml to redirect all non http access to https.